$ rpki-client -vvf rpki.apnic.net/member_repository/A9151B71/9FD5F80E2EA911EB9168FB37C4F9AE02/baFr8M0J73aPkCE7ZtjLw86TQgY.mft File: baFr8M0J73aPkCE7ZtjLw86TQgY.mft (raw, json) Hash identifier: Jcx2t4KL/9xMwsykSE+ZJKrcgH4KRWiPaoHT6RqVdn8= Subject key identifier: DF:51:55:FD:C8:EB:CB:01:7D:C3:20:CB:37:36:52:23:1A:5C:E4:22 Authority key identifier: 6D:A1:6B:F0:CD:09:EF:76:8F:90:21:3B:66:D8:CB:C3:CE:93:42:06 Certificate issuer: /CN=A9151B71/serialNumber=6DA16BF0CD09EF768F90213B66D8CBC3CE934206 Certificate serial: 0686 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/baFr8M0J73aPkCE7ZtjLw86TQgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9151B71/9FD5F80E2EA911EB9168FB37C4F9AE02/baFr8M0J73aPkCE7ZtjLw86TQgY.mft Manifest number: 067E Signing time: Sat 18 May 2024 23:28:40 +0000 Manifest this update: Sat 18 May 2024 23:28:39 +0000 Manifest next update: Sat 25 May 2024 23:28:39 +0000 Files and hashes: 1: baFr8M0J73aPkCE7ZtjLw86TQgY.crl (hash: inXQKO1k65tIHEYoJtuQAJuxH+jJXWWdMBBNQacDQf4=) 2: 0A866A522EAB11EBAB198239C4F9AE02.roa (hash: 6hDu1kE4GO085qpFOCQZLCpWlIpJI/9a6k7iwPrXpik=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9151B71/9FD5F80E2EA911EB9168FB37C4F9AE02/baFr8M0J73aPkCE7ZtjLw86TQgY.crl rsync://rpki.apnic.net/member_repository/A9151B71/9FD5F80E2EA911EB9168FB37C4F9AE02/baFr8M0J73aPkCE7ZtjLw86TQgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/baFr8M0J73aPkCE7ZtjLw86TQgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 May 2024 19:51:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1670 (0x686) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9151B71/serialNumber=6DA16BF0CD09EF768F90213B66D8CBC3CE934206 Validity Not Before: May 18 23:28:39 2024 GMT Not After : May 25 23:28:39 2024 GMT Subject: CN=664939a7-1d1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:bd:d5:bd:89:84:17:34:fc:bf:04:74:a4:be: fb:8f:25:a6:f4:8c:e1:25:c0:fd:b1:eb:2d:7b:b4: 05:de:12:85:cd:ac:04:51:8d:48:0c:41:12:a2:d8: 7a:cf:cf:0c:d8:87:56:f5:8e:ba:10:b4:46:71:48: 56:78:20:7c:14:39:e7:38:e6:7c:b2:88:b7:1b:5e: c6:3f:23:f9:a5:3d:c8:ac:e4:1e:3d:bc:ba:36:e0: bb:c5:73:ac:92:8b:ed:fb:e4:4f:89:8e:1e:12:ff: 2e:c3:e2:0e:12:7f:1a:6d:36:c6:72:1e:e8:97:c2: e1:4e:a2:c9:a3:64:9e:9e:c7:a9:d3:ea:f3:fa:96: b7:aa:4d:96:34:78:58:83:f8:5a:83:2e:ff:c2:db: 53:e6:d8:57:bd:aa:9b:e9:fd:d5:2a:51:20:18:44: 71:8b:91:08:9b:c5:e3:2b:03:5b:69:5b:e2:36:4d: c9:ac:05:6f:4d:c3:5d:d6:e8:5a:cf:ac:da:5f:5a: 8c:4f:a5:ce:bd:1e:ca:45:9e:48:a2:d3:4d:4d:d9: 8d:98:5c:85:ca:a8:2b:8c:dc:34:d3:7d:f6:49:e5: a9:09:5f:f1:6c:39:30:da:11:ef:dc:5b:76:65:d5: a8:32:e3:f9:c3:5a:87:15:7e:5a:7c:c1:31:62:18: 99:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:51:55:FD:C8:EB:CB:01:7D:C3:20:CB:37:36:52:23:1A:5C:E4:22 X509v3 Authority Key Identifier: keyid:6D:A1:6B:F0:CD:09:EF:76:8F:90:21:3B:66:D8:CB:C3:CE:93:42:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9151B71/9FD5F80E2EA911EB9168FB37C4F9AE02/baFr8M0J73aPkCE7ZtjLw86TQgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/baFr8M0J73aPkCE7ZtjLw86TQgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9151B71/9FD5F80E2EA911EB9168FB37C4F9AE02/baFr8M0J73aPkCE7ZtjLw86TQgY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:4b:d4:a6:e2:d7:9e:df:66:d8:b0:85:38:64:49:1e:e0:15: 25:30:93:75:b5:a8:e9:13:69:be:d1:74:0c:e7:6c:e6:af:2c: 3f:ca:5d:b6:34:b4:e9:8f:ba:c3:38:7a:10:5a:e9:dd:4a:8a: 1e:ba:42:db:96:50:7b:ee:97:19:ad:51:6a:4a:fa:91:9f:3f: 10:44:76:93:35:b4:e8:11:54:16:46:1a:f7:bc:65:dd:a0:df: 05:1a:4f:5d:63:d2:f6:0a:45:98:66:62:a6:1f:43:4d:c1:92: 2d:1d:c3:06:b5:3c:44:bf:e2:f7:69:17:f3:a3:4d:89:80:b2: 32:48:e4:84:e8:f9:c8:45:53:a1:14:8b:4f:de:f3:89:73:c3: 42:e2:f2:2a:6a:2a:f3:50:ac:e2:af:d5:b3:d7:45:ae:0c:27: ba:50:b9:c3:ef:7f:69:3c:bc:da:9e:21:de:62:05:15:5d:df: 1d:9c:9d:e1:b4:8f:c3:28:87:3d:e9:f2:7f:a9:9b:a2:f2:5a: e1:cd:40:c5:80:2b:01:1b:b6:16:15:cd:7a:b2:a8:7b:ce:be: 88:d7:4f:e4:b2:59:52:bf:4e:02:0d:47:c5:4e:54:22:20:40: 41:3f:bf:ae:b2:e7:c9:11:f7:46:3a:d9:9d:0f:a6:6b:27:e1: b2:7b:7f:a6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTFCNzExMTAvBgNVBAUTKDZEQTE2QkYwQ0QwOUVGNzY4RjkwMjEzQjY2RDhDQkMz Q0U5MzQyMDYwHhcNMjQwNTE4MjMyODM5WhcNMjQwNTI1MjMyODM5WjAYMRYwFAYD VQQDEw02NjQ5MzlhNy0xZDFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5b3VvYmEFzT8vwR0pL77jyWm9IzhJcD9seste7QF3hKFzawEUY1IDEESoth6 z88M2IdW9Y66ELRGcUhWeCB8FDnnOOZ8soi3G17GPyP5pT3IrOQePby6NuC7xXOs kovt++RPiY4eEv8uw+IOEn8abTbGch7ol8LhTqLJo2Sensep0+rz+pa3qk2WNHhY g/hagy7/wttT5thXvaqb6f3VKlEgGERxi5EIm8XjKwNbaVviNk3JrAVvTcNd1uha z6zaX1qMT6XOvR7KRZ5IotNNTdmNmFyFyqgrjNw00332SeWpCV/xbDkw2hHv3Ft2 ZdWoMuP5w1qHFX5afMExYhiZswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN9RVf3I 68sBfcMgyzc2UiMaXOQiMB8GA1UdIwQYMBaAFG2ha/DNCe92j5AhO2bYy8POk0IG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MUI3MS85RkQ1RjgwRTJF QTkxMUVCOTE2OEZCMzdDNEY5QUUwMi9iYUZyOE0wSjczYVBrQ0U3WnRqTHc4NlRR Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JhRnI4TTBKNzNhUGtDRTdadGpMdzg2VFFnWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MUI3MS85RkQ1RjgwRTJFQTkxMUVCOTE2OEZCMzdDNEY5QUUwMi9iYUZyOE0wSjcz YVBrQ0U3WnRqTHc4NlRRZ1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzS9Sm4tee32bYsIU4ZEke4BUlMJN1tajpE2m+0XQM52zmryw/yl22 NLTpj7rDOHoQWundSooeukLbllB77pcZrVFqSvqRnz8QRHaTNbToEVQWRhr3vGXd oN8FGk9dY9L2CkWYZmKmH0NNwZItHcMGtTxEv+L3aRfzo02JgLIySOSE6PnIRVOh FItP3vOJc8NC4vIqairzUKzir9Wz10WuDCe6ULnD739pPLzaniHeYgUVXd8dnJ3h tI/DKIc96fJ/qZui8lrhzUDFgCsBG7YWFc16sqh7zr6I10/ksllSv04CDUfFTlQi IEBBP7+usufJEfdGOtmdD6ZrJ+Gye3+m -----END CERTIFICATE-----Generated at Sun May 19 00:16:13 2024 by rpki-client on console-fra.rpki-client.org